Risk
4/8/2008
06:01 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

RSA: Chertoff Likens U.S. Cyber Security To 'Manhattan Project'

The Homeland Security secretary calls for beefing up the cyberdefenses of federal agencies and making sure all of them can respond to threats around the clock.

In a keynote address at the RSA Conference in San Francisco, Homeland Security Secretary Michael Chertoff warned that the damage caused by a large-scale cyberattack might result in consequences comparable to the Sept. 11, 2001, attack on the World Trade Center buildings in New York.

"We have to look not only at threats that have materialized in the past," said Chertoff. "We have to consider the threats that may materialize in the future. ... We know that a successful large-scale cyberattack against our country would have very wide-reaching consequences."

Through the Internet, terrorists and criminals can do the kind of damage they could never do on their own, Chertoff said. As an example, he cited the massive denial-of-service attack launched against Estonian government computers last year.

"This attack went beyond simple mischief, it represented an actual threat to the ability of the Estonian government to govern the country," said Chertoff.

"Imagine what would happen if it were possible for hackers to enter the air travel system," he said.

Chertoff characterized cybersecurity as a very serious challenge, one that is likely to grow more serious over time. A network response, he said, is necessary to deal with network attacks.

"It takes a network to beat a network," said Chertoff.

Though US-CERT, the U.S. Computer Emergency Readiness Team, which provides information necessary to defend the nation's networks, Chertoff hopes to bring additional resources to bear to defend the country's computers.

Chertoff likened the government's attempt to improve its cybersecurity to the intensive effort of the Manhattan Project that brought the atomic bomb to fruition. In January, President Bush signed an order that gave DHS and the National Security Agency greater power to oversee government computer security. Details about what the agencies are doing remain classified.

Presently, Chertoff said it's not possible to monitor access to federal networks in real time, not all federal agencies have 24/7 network monitoring capabilities, and US-CERT's Einstein system is too backward looking in that it identifies threats that have already had an impact.

Chertoff said the government simply doesn't respond fast enough across the board. "The time delay is time that we cannot afford to lose in a world where attacks come literally in microseconds and from all corners of the globe," he said.

In keeping with the President's National Strategy to Secure Cyberspace, Chertoff aims to reduce the number of network access points into federal agencies from about 1,000 presently to about 50. He called for beefing up the cyberdefenses of federal agencies and making sure that all of them can respond to threats around the clock.

"The best way to deal with an attack is to prevent it before it happens rather than after it has occurred," Chertoff said.

Chertoff also emphasized the need for the federal government to engage with the private sector, given that so much of the nation's critical infrastructure is secured by private organizations.

And at some point when the government's network security systems are more responsive, Chertoff said he expected that the government would share some network security data to help the private sector keep its systems secure.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2382
Published: 2014-11-20
The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function.

CVE-2014-3625
Published: 2014-11-20
Directory traversal vulnerability in Pivitol Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.

CVE-2014-8387
Published: 2014-11-20
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.

CVE-2014-8493
Published: 2014-11-20
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.

CVE-2014-8767
Published: 2014-11-20
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?